Tag: ddos

Celtic FC’s website was under attack this week from distraught and furious FC Sion fans.

It faced serious, repeated DDoS attempts when FC Sion got kicked out of the UEFA Cup, because it was found to have fielded players against Celtic who weren’t registered.

Celtic is in the news about a rivalry against the Swiss team. The view in Switzerland is that UEFA is ignoring the wills of the Swiss courts, and fans are furious.

People the world over have realised it’s actually quite easy to bring a lot of websites to their knees, in what is turning into a kind of mob rule situation where if you get enough hacktivists – or angry Sion fans – you can attack companies or organisations, often with little consequence.

Celtic is usually busy rowing with Rangers, including the odd post bomb or two, but it was caught on the back foot this time by Sion fans who found the ruling unacceptable.

George Osborne revealed that government departments in the UK are receiving around 20,000 email-based attacks a month, with experts saying that China is one of the main sources.

While it has been the private sector which has been the source of panic over security concerns following the ongoing Playstation Network debacle, the number of constant attacks on British government infrastructure shows that the public sector has not been forgotten by those seeking to steal information.

According to Gideon, during 2010, hostile agencies made “hundreds of serious and pre-planned attempts to break into the Treasury’s computer system,” supposedly averaging at more than one serious attack attempt per day, and making the HMT the most targeted in Whitehall.

Paul Cronin, Technical Director at Pentura, believes that the figure sounds accurate, if not higher than the Chancellor claims.

“There are certainly many criminal organisations that would want to conduct such attacks to gain information,” he told TechEye.

“But a lot of the threat comes from government agencies, with much of the attacks likely to be coming from China where they don’t seem to hide the fact that they train people to do this.

“And there are of course potentially a lot more attacks that are not even being detected so the figure of 20,000 could of course be higher.”

At the Google Zeitgeist conference, Osborne pointed to a specific attack which occurred last year where an email concerning G20 was swapped for a malicious file and forwarded to the same distribution list.

“To the recipient it would have simply looked like the attachment had been sent twice. Fortunately, our systems identified this attack and stopped it,” he said.

However, he also insisted that the government was working hard to make sure that there was adequate protection from such attacks – stating that the Coalition is “not taking this challenge lying down”.

DDoS attacks are becoming increasingly popular thanks to the headlines they have enjoyed and the relative availability and ease with which they can be performed. While they have been reported more often – in particular thanks to the efforts of Anonymous – they are still, to an extent, the elephant in the room. And something drastic will need to happen before the authorities really take notice.

Recently, a hacker in the US has been sentenced to two years in jail for planning a DDoS attack on thousands of news websites.

A particularly personal story surfaced in the press, which mentioned a chatroom romance with a “woman” that was actually a prank by a former associate. However, the damage had already been done, as he had unknowingly left his wife for this “girl” from the chatroom.

Bruce Raisley was found guilty back in September 2010 after he allegedly built a botnet, which he planned to use to launch attacks on publications including Rolling Stone magazine, Nettica and Radar.

Raisley didn’t get as far as other high-profile DDoS attempts. But his crude attempted form of censorship raises other points about the damage DDoS can do, from an amateur or otherwise.

Paul Bristow, Chief Operating Officer at Webscreen, tells us that the difference between now and six to nine months ago is that, then, “if a DDoS attack had occurred we probably wouldn’t have known about it.”

That’s because the incidents have been gaining more exposure. In a way that is a good thing: “Now we understand, there is an elephant in the room but the question is: what do we do with it?” Bristow asks.

“More people have awareness of what a DDoS attack is in the sense they understand that it’s powerful.

“However, the bulk of people are sitting on the fence wondering what to do. Many will choose not to do anything until they, or competitors close to them, get attacked. The main questions they ask are ‘Would we survive it?’ or ‘Why would they attack us?’”

There’s a high probability anyone in the media could, at some point, put someone’s nose out of joint which would make them more likely to be attacked. Financial organisations are among the first to have accepted that this will happen, according to Bristow.

“We need legislation to go after these people but this won’t happen for years, or unless something happened that really shook things up, for example a DDoS on the HMRC site,” he added.

His points were echoed by a security expert with close links to the corporate and government sectors, who told TechEye: “As time goes by they [DDoS] will become a key way for companies and rivals to cause major trouble for each other, and there’s already many a hacker/company making money from this type of attack.”

However, governments in the UK and the US are “not currently considering this type of attack in their security notes. It’s too new, and the way they see it, it’s not as important as, for example, a cyberbot from China.

“It’s therefore not even worth talking about legislation, until they finally see what a threat this type of attack is.”

And that could mean something catastrophic for national security, he says.

“Something really major needs to happen before they take this seriously.

“Drawing comparisons with the physical world, and, as sad as it is, we need a cyber DDoS 9/11 to occur. Only then will governments sit up and think about legislation.”

Russia’s President has told all his subscribers on LiveJournal that a cyber attack on the self-satisfied narcissist’s diary-sharing tool is “outrageous”.

As is often the case when websites are crippled it was a distributed denial of service (DDOS) attack that hit earlier this week. Insecurity outfit Kaspersky said thousands of computers pointed repeat requests at the servers which brought LiveJournal to its knees.

MedvedevXOXO1965 said: “……..this sucks….. as if anything else could go wrong.. now some pathetic losers have attacked L J.. my friendss are furius. neway back now so will keep yall updated peace out.X”

LiveJournal is an influential sphere for free speech in the Motherland. Many turn to it, says the BBC, as a way to discuss the wheelings and dealings of what is perceived to be the corrupted broadcasters and newspapers which are under pressure from corporate interests.

Novaya Gazeta was next in line. It’s a newspaper which is known for voicing strong, critical opinions on what the State is up to.

You may recall our chat with Paul Bristow, chief operating officer at anti-DDOS outfit WebScreen. Bristow suggested that DDOS is a ruthlessly efficient way to get rid of unprotected websites that are either competition or saying something shady corporates aren’t into.

We guess someone, somewhere in Russia – with some degree of power – has been annoyed by rumblings and rantings on LiveJournal and the newspaper, and has decided to buy an attack on notions of free speech. DDOS is still the elephant in the room.

When the London Stock Exchange (LSE) went kaput early November last year there were whispers of sabotage. A report in The Times suggests that, yes, there was dirty work afoot.

“Make no mistake, the UK’s critical infrastructure is under attack. The threat is advanced and persistent,” an insecurity expert said to The Times. You may or may not remember other stories on TechEye last year which suggested that it’s not just that we have been under attack, rather that we are constantly under attack: and only some of what you hear about, the tip of the iceberg, will surface in reports.

Distributed Denial of Service attacks have, in particular, been in the news thanks to the efforts of Anonymous and anti-Anonymous groups over the Wikileaks support fiasco. It is a relatively easy attack to perform and, as we reported, if there is a common cause, summoning the collective outrage of any particular group to download a program and point it at a target can wreak havoc.

Similarly, a cyber security expert with clearance at high levels revealed to us that Western governments have long been considering cyber warfare. “You would be a fool,” our deepthroat said to us, “to think that governments are not considering the applications for cyber warfare.”

If that’s the case – is it any wonder that “hacktivists” working through some far-flung proxy may be launching attacks on stock exchanges? After all – this is the heart of financial activity.

Last year, the US government’s Homeland Security secretary thought a return to the Mutually Aided Destruction, or M.A.D model of the cold war, makes sense in cyberspace.

Michael Chertoff believes that world governments need to work on technologies to ward off attacks from elsewhere. Indeed – India was the first country to publicly take a step in geopolitical cyber defence. It announced that it has been gathering homegrown talent with the capabilities to fight off attacks – and more crucially, go on the offensive, too.

Should we be alarmed? Maybe – the world is increasingly moving toward data as one of its greatest assets as the digital revolution keeps our money in computerised stocks and numbers over bullion. But should we be surprised? Probably not. The Times’ scoop is that it has confirmed attacks have happened. They were probably only a few of many.

Anonymous claimed that the arrests reveal that the UK government does not understand the political and technological reality of the modern world and considers the move a declaration of war against Anonymous.

Anonymous said that traditional forms of protest, such as picketing and sit-ins, are now little more than “an empty, ritualised gesture of discontent”. It said that people are looking for new ways to make politicians wake up and hear the cry of the people.

It claimed that the use of Distributed Denial of Service (DDoS) attacks is simply the technological equivalent to blocking access to a building in a traditional form of protest. It said that it was “irrelevant” where the infrastructure was located, either in the real world or in cyberspace.

Anonymous also said that their DDoS attacks do not constitute hacking, since they only flood a server with traffic and don’t gain unauthorised access to a computer or network, the definition of hacking used in law.

It claimed that arresting someone for a DDoS attack is like arresting someone for a peaceful demonstration, a view which is unlikely to wash with the police. It also accused the UK government of being hypocritical in hunting down Anonymous DDoSers but ignoring those who previously DDoSed Wikileaks, and it said that it has concluded that the arrests are “politically motivated”.

Of course, it’s not the ringleaders of Anonymous who get arrested, but the Average Joes who are invited to download and employ DDoS tools, often without the use of a proxy server or other forms of online identity protection. These individuals face up to 10 years in jail and a fine of £5,000 ($7,957), a sentence which Anonymous labelled as “ridiculous”.

This means that the attacks can still be masterminded and orchestrated by hackers who know how to keep their identity secret, with disgruntled citizens taking the fall. “You can easily arrest individuals, but you cannot arrest an ideology,” Anonymous stated, suggesting that it will continue its attacks regardless of how many people get arrested.

If any of the head honchos do get caught, they can always use that in their defence, that they can’t be one of the ringleaders or they wouldn’t have gotten caught. That doesn’t stop them from receiving a potentially hefty fine and prison sentence though.

Anonymous said that it will cross any borders to achieve its aim and that the UK government should take its message as a “serious warning”. It requested that its fellow members be released.

With the FBI issuing 40 warrants today as part of its investigation into the attacks, this situation is likely to escalate even further.

The old bill could have finally caught up with some of the members of the DDoS and social activism group Anonymous.

According to breaking reports they have arrested five men who could be responsible for a range of web attacks carried out in support of Wikileaks. In the past they have targeted the likes of PayPal, Mastercard and Amazon, which have turned their back on the website.

The five men were picked up from their homes in the West Midlands, Northamptonshire, Hertfordshire, Surrey and London this morning.

This investigation by the Central e-Crime Unit was carried out in conjunction with law enforcement agencies in Europe and, surprise, the US.

All five have been taken to local police stations where they remain in custody.

Members of Anonymous have previously had run-ins with the law – in the US, at an anti-Scientology protest, an activist claims he was unfairly targeted and victim of a sting over attack charges.

The hack resulted in the compromise of the details of 2,000 members of the public who registered their support with the party on its recently relaunched website, ahead of a Spring election. Fine Gael contacted the Data Protection Commissioner and Garda Computer Crime Unit about the data breach.

The number of users affected could be much larger than the 2,000 cited by Fine Gael, however. An Irish journalist working for The Evening Herald claims it has received the details of 4,000 people who signed up to the party’s website.

Details that were obtained in the hack, which took place between 8:00pm and midnight, include email address, IP addresses and mobile phone numbers. Fine Gael said that all users who are affected have been emailed about the breach.

It is largely expected that Fine Gael will win the most seats at the next General Election in March, leading a government coalition with the Labour Party. A recent opinion poll suggested Fine Gael would win 35 percent of the vote, with the current leading party in government, Fianna Fail, dropping to a record low of 14 percent.

It is not clear if the hack was an attempt to hinder pre-election campaigns, but Anonymous left a message on the Fine Gael website, which read:

“Nothing is safe, you put your faith in this political party and they take no measures to protect you.”

The party’s website has been replaced with a place-holder while an investigation is launched.

Neatly filling the hole left when Superman hung up his cape and put something on over his underpants, the group is targeting the country over its censorship and lack of press freedom. Recent riots, it says, have remained largely unreported.

On December 17, Mohamed Bouazizi, a 26-year-old Tunisian university graduate set himself on fire after being unable to find work, sparking massive riots. Ben Ali immediately implemented a near-total news blackout, claiming the media was part of a conspiracy to destabilise the country.

“The media blackout is so severe that in the first days of the riots, one Tunisian resident remarked incredulously on Twitter that everyone was lying about the riots, because he had seen nothing of them on TV or in the newspapers,” says Rasha Moumneh, a researcher for Human Rights Watch.

This hasn’t been difficult to achieve, as the government owns or controls practically all media outlets. And as activists have increasingly taken to Facebook and Twitter to document events, the government’s cracked down on those too.

“The Tunisian government led by President Ben Ali has shown an outrageous level of censorship, not only blocking the websites of dissident bloggers but also sites like Flickr and any website or news source mentioning,” says Anonymous in an open letter to the media.

“In a show of blatant disregard for the guaranteed right of free speech, over the past 24 hours Tunisian government officials have hacked email and Facebook accounts of anyone who has taken actions labelled as ‘activism’.”

This, says Anonymous, can be as innocent as commenting on a discussion board for a Wikileaks related group.

Anonymous’ DDoS attacks appear to have brought down half a dozen websites, including commerce.gov.tn, tunisia.gov.tn and www.ministeres.tn. The group even managed to post an open letter to the government on Ben Ali’s website, pm.gov.tn, for a while.

“Like a fistful of sand in the palm of your grip, the more you squeeze your citizens the more they will flow right out of your hand. The more you censor your own citizens the more they shall know about you and what you are doing,” it reads.

It finishes: “We are Anonymous. We are the angry avatar of free speech. We are the immune system of democracy. We do not forgive censorship. We do not forget free speech. Expect us – always.”

Graham Cluley of security firm Sophos says the attacks were planned yesterday on an Internet Relay Chat (IRC) forum.

But, he says, “Anyone considering signing up to join in the attacks on the websites of various governments (we recently saw Zimbabwe similarly targeted) would be wise to remember that participating in a DDoS attack is against the law.”

The founder of Wikileaks took time out from his busy schedule of house arrest to deny a claim by the US Vice President that he was a terrorist.

Of course Julian Assange is not being held on terrorism charges, just extradition to Sweden where he faces a potential court case for being a sex pest.

Given that, it is not every day that the second most powerful man in the US, Vice President Joe Biden calls you a “hi-tech terrorist”. In the US being labelled a terrorist means that you end up on a deck of cards with a cruise missile winging its way to your destination.

Since there has been a distinct absence of missiles, cruise or otherwise, heading towards Assange’s plush Ellingham Hall house arrest, we can assume that Biden was probably sabre rattling. US prosecutors are trying to pin a charge against him on the grounds that he encouraged a US soldier, Bradley Manning, to steal US cables from a government computer and pass them to Wikileaks. This cannot be going very well. Assange has denied knowing Manning.

But, nevertheless, Biden scored an own goal with his “high tech terror” comments.

As Assange pointed out, “terrorism is defined as the use of violence for political purposes” and while he has done a lot of things, the only people who have ever accused him of violence were the Swedish girls he allegedly slept with.

As yet, Wikileaks has not even threatened to blow up anyone, not been connected with weapons and seems totally opposed to the use of violence for political ends. Any terror that exists is in an abstract mind within Biden’s own head.

However, Assange cocked up his own point by suggesting that Biden’s administration continues to take offence at the organisation and the press with a violent or political objective. So they must be real terrorists. Well no more than you are Assange. So far the US has not threatened him with violence either. It seems that both are as bad as each other.

Assange moaned to El Pais that he was “in a condition of high-tech arrest”. “I have electronic jewellery which means if I leave the house outside of curfew times then an alarm will go off. It is very Orwellian.”

If it bugs you Assange, maybe you would like to go back to the jail? Let us not forget that you have not been arrested for running Wikileaks, you are being extradited for allegedly being a sex pest. There are very few alleged sex pests who are allowed bail, so you should count yourself lucky.

Assange is staying at Ellingham Hall, which is a mansion on a friend’s 600-acre country estate in eastern England, where he must live while on bail, pending ongoing extradition proceedings which may take months.

He would probably be better off popping over to Sweden and demolishing the prosecution’s case if it is all as flimsy as he says it is.